1

I like to get MSAL Authentication running when i hosted my app on Azure. I get the folowing screen when i publish my Blazor WASM App on Azure as WebApp.

Error screen

1

If i debug with localhost all works like a charme and i am logged in and i will be redirect to my app, but if i publish my app to azure it wont work.

I have tried to add the redirect url the "Web" instead of "SPA" but then i will instantly forwarded to /authentication/login-failed in my app.

If i use "Spa" in the Manifest i will be redirected to Microsoft Login. I fill my data and get the same Screen shown above.

I use .Net 6 and the following NuGet Package:

NuGet Package

2

Please can anyone help me to fix this issue?

Greets Sascha

vimuth
  • 5,064
  • 33
  • 79
  • 116
Sascha Patschka
  • 11
  • 1
  • 3
  • can you please check what error you are getting after trying with platform to "web" – kavyaS Aug 19 '22 at 06:15
  • Hallo If i set platform to web and try to login with new inkognito Tag in the Browser i get no Error, the app will instanstly redirect to ....../authentication/login-failed I use the "RemoteAuthenticatorView" Component, and also in the Console from the Browser are no errors. How o can see any erros with these component? Thanks Br Sascha – Sascha Patschka Aug 20 '22 at 05:02
  • OK, now i get an error when i use the buildin RenderFragment of the "RemoteAuthenticatorView" Component. Error: There was an error trying to log you in: 'Cannot read properties of undefined (reading 'toLowerCase')' – Sascha Patschka Aug 20 '22 at 06:16
  • I try the workaround from here: https://stackoverflow.com/questions/67805062/blazor-wasm-net-6-preview-4-azure-ad-there-was-an-error-trying-to-log-you-in But now I get an error , but only at the redirect uri, not on UI. authentication/login-failed?message=9002326%20-%20%5B2022-08-20%2006%3A40%3A04Z%5D%3A%20AADSTS9002326%3A%20Cross-origin%20token%20redemption%20is%20permitted%20only%20for%20the%20%27Single-Page%20Application%27%20client-type.%20Request%20origin.... – Sascha Patschka Aug 20 '22 at 06:51
  • Have you checked if manifest and appregistration redirect url have different platforms given ..or both given (spa and web). If thats the case make sure only one platform is given.ex: manifest and redirect url in app registration Only with *SPA* – kavyaS Aug 20 '22 at 06:57
  • OK, now i get back to SPA and it runs. I think the workaround with the AssemblyTrimming was the goal. Thanks to all for try to help me – Sascha Patschka Aug 20 '22 at 07:00

1 Answers1

1

Indeed in some cases ,you must add the redirect URLs under Web platform and not SPA (single page application.)

Also try changing replyUrlsWithType to web in the manifest in azure portal.

"replyUrlsWithType": [ 
        {
        "url": "https://local.com ",
        "type":"web"
         } 
         ],

enter image description here

  • If the type web is causing the error, try changing to SPA in the similar way.

Please also check Redirect URI (reply URL) restrictions - Microsoft Entra | Microsoft Docs.

Note:But please try to delete the url and clear the cache before updating the new one with new url type based on the application.

kavyaS
  • 8,026
  • 1
  • 7
  • 19
  • Hy I have tried this, see my comment above, but i will instantly redirekt to "login-failed" page. If i use "Web" instead of "Spa" the app wont to show me the Login-View. Thanks Greets Sascha – Sascha Patschka Aug 20 '22 at 05:04